The electronic tendering and bidding trading platform must meet the legal and compliance requirements of the Network Security Law of the People's Republic of China and the Basic Requirements for Network Security Level Protection of Information Security Technology 2.0. The basic requirements for information system security with equal security 2.0 are as follows:
Technical requirements "from surface to point" put forward safety requirements.
"Safe physical environment" mainly requires computer room facilities, "safe communication network" and "safe area boundary" mainly require the whole network, "safe computing environment" mainly requires the composition of nodes (including business applications and data), and "security management center" mainly requires system management and centralized control.
Management requirements "from elements to activities" put forward security requirements.
"Safety management system", "safety management organization" and "safety management personnel" mainly put forward three indispensable elements of management, while "safety construction management" and "safety operation and maintenance management" mainly put forward the management requirements of safety activities during construction and operation and maintenance.
From the main nodes of the whole process of electronic bidding, it can be divided into five main stages: bidding, bid opening, bid evaluation and bid selection. Among them, the confirmation of bidding contents and qualification conditions in bidding announcement information, ensuring the confidentiality of bidding unit information, the selection of bid evaluation experts and the confidentiality of the list, the anti-theft and anti-tampering of bidding documents, the anti-decryption failure during bid opening, the anti-leakage of judges' bid evaluation process and the anti-tampering of bid evaluation results are the key security issues in electronic bidding.
Summarize the risk points that need to be solved in the five major links, which can be mainly summarized into the following six types of problems:
1. User identity confirmation in electronic bidding:
2. The risk of leakage of the list of bidders in the bidding registration stage;
3. The risk of leakage of the list of experts in the process of expert extraction;
4. Anti-theft and anti-tampering of bid documents;
5. Risk of decryption failure during bid opening;
6. Anti-leakage in the evaluation process and anti-tampering of the evaluation results of the judges.
The above is about the security risks of the electronic bidding trading platform. I hope it helps you!
For more information about project/service/procurement bidding, and to improve the winning rate, please click on the bottom of official website Customer Service for free consultation:/#/? source=bdzd